The portal operating system interface (POSIX) is a set of standards maintained by the Institute of Electrical and Electronics Engineers (IEEE) for specifying compatibility between operating systems. The set of standards may define various features, such as command line shells, utilities, and application programming interfaces.
POSIX may also specify privileges. A POSIX-based system may include a framework for allowing certain running code access to certain resources through the use of users and groups. Users and groups can be granted ownership and/or permissions to access any files on the system, as well as permissions for a number of other activities. However, because the assignment of privileges is optional, privileges are often omitted.
A common problem with POSIX-based systems is that running code on the system is given full access to everything through the root user. Consequently, if an attacker were to exploit a security vulnerability on the system, the attacker would gain complete access through the root user to the entire system, which could be avoided if permissions were properly restricted.